专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20150055778A1 METHOD AND APPARATUS FOR A NON-DETERMINISTIC RANDOM BIT GENERATOR (NRBG) 有权
标题翻译：非确定性随机位发生器（NRBG）的方法和装置
公开(公告)号：US20150055778A1
公开(公告)日：2015-02-26
申请号：US13976175
申请日：2011-12-29
申请人： George W. Cox , David Johnston , Martin G. Dixon , Stephen A. Fischer , Jason W. Brandt
发明人： George W. Cox , David Johnston , Martin G. Dixon , Stephen A. Fischer , Jason W. Brandt
IPC分类号： H04L9/08 , G06F7/58
CPC分类号： H04L9/0869 , G06F7/588 , G06F9/30007 , H04L9/0662 , H04L2209/24
摘要： A hardware-based digital random number generator is provided. In one embodiment, a processor includes a digital random number generator (DRNG) to condition entropy data provided by an entropy source, to generate a plurality of deterministic random bit (DRB) strings, and to generate a plurality of nondeterministic random bit (NRB) strings, and an execution unit coupled to the DRNG, in response to a first instruction to read a seed value, to retrieve one of the NRB strings from the DRNG and to store the NRB string in a destination register specified by the first instruction.
摘要翻译：提供了一种基于硬件的数字随机数发生器。在一个实施例中，处理器包括数字随机数发生器（DRNG），用于对熵源提供的熵数据进行条件生成，以产生多个确定性随机位（DRB）串，并产生多个非确定性随机位（NRB）响应于读取种子值的第一指令，从DRNG检索NRB字符串中的一个并将NRB字符串存储在由第一指令指定的目的地寄存器中，耦合到DRNG的执行单元。

2. 发明授权

US09544139B2 Method and apparatus for a non-deterministic random bit generator (NRBG) 有权
标题翻译：用于非确定性随机位发生器（NRBG）的方法和装置
公开(公告)号：US09544139B2
公开(公告)日：2017-01-10
申请号：US13976175
申请日：2011-12-29
申请人： George W. Cox , David Johnston , Martin G. Dixon , Stephen A. Fischer , Jason W. Brandt
发明人： George W. Cox , David Johnston , Martin G. Dixon , Stephen A. Fischer , Jason W. Brandt
IPC分类号： H04L9/00 , H04L9/08 , H04L9/06 , G06F7/58 , G06F9/30 , G06F15/16
CPC分类号： H04L9/0869 , G06F7/588 , G06F9/30007 , H04L9/0662 , H04L2209/24
摘要： A hardware-based digital random number generator is provided. In one embodiment, a processor includes a digital random number generator (DRNG) to condition entropy data provided by an entropy source, to generate a plurality of deterministic random bit (DRB) strings, and to generate a plurality of nondeterministic random bit (NRB) strings, and an execution unit coupled to the DRNG, in response to a first instruction to read a seed value, to retrieve one of the NRB strings from the DRNG and to store the NRB string in a destination register specified by the first instruction.
摘要翻译：提供了一种基于硬件的数字随机数发生器。在一个实施例中，处理器包括数字随机数发生器（DRNG），用于对熵源提供的熵数据进行条件生成，以产生多个确定性随机位（DRB）串，并产生多个非确定性随机位（NRB）响应于读取种子值的第一指令，从DRNG检索NRB字符串中的一个并将NRB字符串存储在由第一指令指定的目的地寄存器中，耦合到DRNG的执行单元。

3. 发明申请

US20100332574A1 Digital random number generator 有权
标题翻译：数字随机数发生器
公开(公告)号：US20100332574A1
公开(公告)日：2010-12-30
申请号：US12459142
申请日：2009-06-26
申请人： Howard C. Herbert , George W. Cox , Shay Gueron , Jesse Walker , Charles E. Dike , Stephen A. Fischer , Ernie Brickell , Martin G. Dixon , David Johnston , Gunendran Thuraisingham , Edward V. Gamsaragan , James S. Coke , Greg W. Piper
发明人： Howard C. Herbert , George W. Cox , Shay Gueron , Jesse Walker , Charles E. Dike , Stephen A. Fischer , Ernie Brickell , Martin G. Dixon , David Johnston , Gunendran Thuraisingham , Edward V. Gamsaragan , James S. Coke , Greg W. Piper
IPC分类号： G06F7/58
CPC分类号： G06F7/588 , G06F9/30007 , H04L9/0861
摘要： A hardware-based digital random number generator is provided. The digital random number generator is a randomly behaving random number generator based on a set of nondeterministic behaviors. The nondeterministic behaviors include temporal asynchrony between subunits, entropy source “extra” bits, entropy measurement, autonomous deterministic random bit generator reseeding and consumption from a shared resource.
摘要翻译：提供了一种基于硬件的数字随机数发生器。数字随机数发生器是基于一组非确定性行为的随机行为随机数发生器。非确定性行为包括子单元之间的时间不同步，熵源“额外”比特，熵测量，自主确定性随机比特生成器重新获取和来自共享资源的消费。

4. 发明授权

US08489660B2 Digital random number generator using partially entropic data 有权
标题翻译：使用部分熵数据的数字随机数发生器
公开(公告)号：US08489660B2
公开(公告)日：2013-07-16
申请号：US12459142
申请日：2009-06-26
申请人： Howard C. Herbert , George W. Cox , Shay Gueron , Jesse Walker , Charles E. Dike , Stephen A. Fischer , Ernie Brickell , Martin G. Dixon , David Johnston , Gunendran Thuraisingham , Edward V. Gamsaragan , James S. Coke , Greg W. Piper
发明人： Howard C. Herbert , George W. Cox , Shay Gueron , Jesse Walker , Charles E. Dike , Stephen A. Fischer , Ernie Brickell , Martin G. Dixon , David Johnston , Gunendran Thuraisingham , Edward V. Gamsaragan , James S. Coke , Greg W. Piper
IPC分类号： G06F7/58
CPC分类号： G06F7/588 , G06F9/30007 , H04L9/0861
摘要： A hardware-based digital random number generator is provided. The digital random number generator is a randomly behaving random number generator based on a set of nondeterministic behaviors. The nondeterministic behaviors include temporal asynchrony between subunits, entropy source “extra” bits, entropy measurement, autonomous deterministic random bit generator reseeding and consumption from a shared resource.
摘要翻译：提供了一种基于硬件的数字随机数发生器。数字随机数发生器是基于一组非确定性行为的随机行为随机数发生器。非确定性行为包括子单元之间的时间不同步，熵源“额外”比特，熵测量，自主确定性随机比特生成器重新获取和来自共享资源的消费。

5. 发明授权

US08954735B2 Device, method, and system for secure trust anchor provisioning and protection using tamper-resistant hardware 有权
标题翻译：使用防篡改硬件的安全信任锚配置和保护的设备，方法和系统
公开(公告)号：US08954735B2
公开(公告)日：2015-02-10
申请号：US13631562
申请日：2012-09-28
申请人： Ned M. Smith , David Johnston , George W. Cox , Adi Shaliv
发明人： Ned M. Smith , David Johnston , George W. Cox , Adi Shaliv
IPC分类号： H04L29/06
CPC分类号： H04L63/061 , H04L9/0822 , H04L9/0866 , H04L9/3231 , H04L63/0861 , H04L2209/127
摘要： A method and device for securely provisioning trust anchors includes generating a database wrapper key as a function of computing device hardware. The database wrapper key encrypts a key database when it is not in use by a trusted execution environment and may be generated using a Physical Unclonable Function (PUF). A local computing device establishes a secure connection and security protocols with a remote computing device. In establishing the secure connection, the local computing device and remote computing device may exchange and/or authenticate cryptographic keys, including Enhanced Privacy Identification (EPID) keys, and establish a session key and device identifier(s). One or more trust anchors are then provisioned depending on whether unilateral, bilateral, or multilateral trust is established. The local computing device may act as a group or domain controller in establishing multilateral trust. Any of the devices may also require user presence to be verified.
摘要翻译：用于安全地配置信任锚的方法和设备包括生成作为计算设备硬件的函数的数据库包装密钥。数据库包装器密钥在密钥数据库不被可信执行环境使用时加密，并且可以使用物理不可克隆功能（PUF）生成密钥数据库。本地计算设备与远程计算设备建立安全连接和安全协议。在建立安全连接时，本地计算设备和远程计算设备可以交换和/或验证密码密钥，包括增强型隐私标识（EPID）密钥，并建立会话密钥和设备标识符。根据单方面，双边或多边信托是否建立了一个或多个信托基金。本地计算设备可以充当组或域控制器来建立多边信任。任何设备也可能要求验证用户存在。

6. 发明授权

US10079678B2 Providing access to encrypted data 有权
公开(公告)号：US10079678B2
公开(公告)日：2018-09-18
申请号：US13557079
申请日：2012-07-24
申请人： Ned M. Smith , George W. Cox , David Johnston
发明人： Ned M. Smith , George W. Cox , David Johnston
IPC分类号： G06F12/14 , H04L9/08 , H04L9/32 , G06F21/62 , G06F21/31 , G06F21/74
CPC分类号： H04L9/0866 , G06F21/31 , G06F21/6209 , G06F21/74 , G06F2221/2107 , H04L9/0822 , H04L9/3226
摘要： Embodiments of methods, systems, and storage medium associated with providing access to encrypted data for authorized users are disclosed herein. In one instance, the method may include obtaining a derived value for an authenticated user based on user personalization data of the authenticated user, and generating a user-specific encryption key based on the derived value. The derived value may have entropy in excess of a predetermined level. The user-specific encryption key may enable the authenticated user to access the encrypted data stored at the storage device. Other embodiments may be described and/or claimed.

7. 发明申请

US20140189365A1 SECURE KEY DERIVATION AND CRYPTOGRAPHY LOGIC FOR INTEGRATED CIRCUITS 有权
标题翻译：集成电路的安全关键衍生和拼接逻辑
公开(公告)号：US20140189365A1
公开(公告)日：2014-07-03
申请号：US13730829
申请日：2012-12-29
申请人： George W. Cox , David Johnston , Jiangtao Li , Anand Rajan
发明人： George W. Cox , David Johnston , Jiangtao Li , Anand Rajan
IPC分类号： G06F21/72
CPC分类号： G06F21/72 , G06F21/52 , G06F21/73 , G09C1/00 , H04L9/0866 , H04L2209/12
摘要： A processor of an aspect includes root key generation logic to generate a root key. The root key generation logic includes a source of static and entropic bits. The processor also includes key derivation logic coupled with the root key generation logic. The key derivation logic is to derive one or more keys from the root key. The processor also includes cryptographic primitive logic coupled with the root key generation logic. The cryptographic primitive logic is to perform cryptographic operations. The processor also includes a security boundary containing the root key generation logic, the key derivation logic, and the cryptographic primitive logic. Other processors, methods, and systems are also disclosed.
摘要翻译：一方面的处理器包括生成根密钥的根密钥生成逻辑。根密钥生成逻辑包括静态和熵位的源。处理器还包括与根密钥生成逻辑耦合的密钥导出逻辑。密钥推导逻辑是从根密钥导出一个或多个密钥。处理器还包括与根密钥生成逻辑耦合的加密原语逻辑。加密原语逻辑是执行加密操作。处理器还包括包含根密钥生成逻辑，密钥导出逻辑和密码原语逻辑的安全边界。还公开了其他处理器，方法和系统。

8. 发明申请

US20140091832A1 INTEGRATED CIRCUITS HAVING ACCESSIBLE AND INACCESSIBLE PHYSICALLY UNCLONABLE FUNCTIONS 有权
标题翻译：具有可接受和不可接受的物理不可靠功能的集成电路
公开(公告)号：US20140091832A1
公开(公告)日：2014-04-03
申请号：US13631634
申请日：2012-09-28
申请人： Kevin C. Gotze , Gregory M. Iovino , Jiangtao Li , David Johnston , Sanu K. Mathew , George W. Cox , Anand Rajan
发明人： Kevin C. Gotze , Gregory M. Iovino , Jiangtao Li , David Johnston , Sanu K. Mathew , George W. Cox , Anand Rajan
IPC分类号： H03K19/003
CPC分类号： H03K19/003 , G09C1/00 , H04L9/0866 , H04L2209/12
摘要： An integrated circuit substrate of an aspect includes a plurality of exposed electrical contacts. The integrated circuit substrate also includes an inaccessible set of Physically Unclonable Function (PUF) cells to generate an inaccessible set of PUF bits that are not accessible through the exposed electrical contacts. The integrated circuit substrate also includes an accessible set of PUF cells to generate an accessible set of PUF bits that are accessible through the exposed electrical contacts. Other apparatus, methods, and systems are also disclosed.
摘要翻译：一方面的集成电路基板包括多个暴露的电触点。集成电路基板还包括不可接近的物理不可克隆功能（PUF）单元组，以生成不能通过暴露的电触点访问的不可访问的PUF位集合。集成电路基板还包括可访问的PUF单元组，以产生可通过暴露的电触点访问的可访问的PUF位组。还公开了其他装置，方法和系统。

9. 发明申请

US20140095867A1 DEVICE, METHOD, AND SYSTEM FOR SECURE TRUST ANCHOR PROVISIONING AND PROTECTION USING TAMPER-RESISTANT HARDWARE 有权
标题翻译：使用防潮硬件安全信赖锚定器和保护的装置，方法和系统
公开(公告)号：US20140095867A1
公开(公告)日：2014-04-03
申请号：US13631562
申请日：2012-09-28
申请人： Ned M. Smith , David Johnston , George W. Cox , Adi Shaliv
发明人： Ned M. Smith , David Johnston , George W. Cox , Adi Shaliv
IPC分类号： H04L29/06 , H04L9/32 , G06F17/30 , H04L9/00 , H04L9/08
CPC分类号： H04L63/061 , H04L9/0822 , H04L9/0866 , H04L9/3231 , H04L63/0861 , H04L2209/127
摘要： A method and device for securely provisioning trust anchors includes generating a database wrapper key as a function of computing device hardware. The database wrapper key encrypts a key database when it is not in use by a trusted execution environment and may be generated using a Physical Unclonable Function (PUF). A local computing device establishes a secure connection and security protocols with a remote computing device. In establishing the secure connection, the local computing device and remote computing device may exchange and/or authenticate cryptographic keys, including Enhanced Privacy Identification (EPID) keys, and establish a session key and device identifier(s). One or more trust anchors are then provisioned depending on whether unilateral, bilateral, or multilateral trust is established. The local computing device may act as a group or domain controller in establishing multilateral trust. Any of the devices may also require user presence to be verified.
摘要翻译：用于安全地配置信任锚的方法和设备包括生成作为计算设备硬件的函数的数据库包装密钥。数据库包装器密钥在密钥数据库不被可信执行环境使用时加密，并且可以使用物理不可克隆功能（PUF）生成密钥数据库。本地计算设备与远程计算设备建立安全连接和安全协议。在建立安全连接时，本地计算设备和远程计算设备可以交换和/或验证密码密钥，包括增强型隐私标识（EPID）密钥，并建立会话密钥和设备标识符。根据单方面，双边或多边信托是否建立了一个或多个信托基金。本地计算设备可以充当组或域控制器来建立多边信任。任何设备也可能要求验证用户存在。

10. 发明申请

US20140032933A1 PROVIDING ACCESS TO ENCRYPTED DATA 审中-公开
标题翻译：提供访问加密数据
公开(公告)号：US20140032933A1
公开(公告)日：2014-01-30
申请号：US13557079
申请日：2012-07-24
申请人： Ned M. Smith , George W. Cox , David Johnston
发明人： Ned M. Smith , George W. Cox , David Johnston
IPC分类号： G06F21/24
CPC分类号： H04L9/0866 , G06F21/31 , G06F21/6209 , G06F21/74 , G06F2221/2107 , H04L9/0822 , H04L9/3226
摘要： Embodiments of methods, systems, and storage medium associated with providing access to encrypted data for authorized users are disclosed herein. In one instance, the method may include obtaining a derived value for an authenticated user based on user personalization data of the authenticated user, and generating a user-specific encryption key based on the derived value. The derived value may have entropy in excess of a predetermined level. The user-specific encryption key may enable the authenticated user to access the encrypted data stored at the storage device. Other embodiments may be described and/or claimed.
摘要翻译：这里公开了与为授权用户提供对加密数据的访问相关联的方法，系统和存储介质的实施例。在一个实例中，该方法可以包括基于认证用户的用户个性化数据获得经认证的用户的导出值，并且基于导出的值生成用户特定加密密钥。导出值可能具有超过预定水平的熵。用户专用加密密钥可以使经认证的用户能够访问存储在存储设备上的加密数据。可以描述和/或要求保护其他实施例。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式